<%@CODEPAGE="65001"%>
<!--#include file="conn.asp"-->
<!--#include file="md5.asp"-->
<%
'open data
Call OpenData
title = request("title")
content = request("content")
password = request("pass")
id = CInt(request("noteid"))
edit = request("edit")
If edit = "" Or IsNull(edit) Or Not IsNumeric(edit) Then
	edit = 0
End If
edit = CInt(edit)
act = request("act")
del = request("del")
If act = "note" then
	if password <> NotePass then
		response.write("Error:\nPassword is wrong!")
		response.end
	end if
	if content = "" or title = "" then
		response.write("Error:\nPlease enter title and content!")
		response.end
	end If

	If edit = 0 Then
		pubtime = now()
		thetime = EnStrDate(pubtime)
	End if
	set rs = server.createObject("adodb.recordset")
	If edit = 1 then
		sql = "select * from notes where id = "&id
	Else
		sql = "select * from notes"
	End if
	rs.open sql,conn,1,3
	If edit = 0 then
		rs.addnew
	End if
		rs("title") = title
		rs("content") = content
		If edit = 0 then
			rs("pubtime") = pubtime
		End if
	rs.update
	rs.close
	set rs = nothing
	'response.Write(pubtime)
	If edit = 0 then
		id = getID(title)
	End if
	response.write("update ok|"&thetime&"|"&id)
End If
'del notes
If act = "delnote" Then
	sqlDel = "delete * from notes where id = "&id
	conn.execute(sqlDel)
	response.write("Delete success!")
End If
'message
If act = "msg" then
	uname = request("uname")
	uemail = request("uemail")
	usite = request("usite")
	content = request("content")

	if uname = "" or uemail = "" then
		response.write("Error:Please enter your name and your email!")
		response.end
	end If
	If IsValidEmail(uemail) = False Then
		response.write("Error:Your email is wrong!")
		response.end
	End If
	uname = htmldecode(uname)
	uemail = htmldecode(uemail)
	usite = htmldecode(usite)
	content = CheckStr(htmldecode(content))

	set rs = server.createObject("adodb.recordset")
	sql = "select * from message"
	rs.open sql,conn,1,3
	rs.addnew
		rs("username") = uname
		rs("email") = uemail
		rs("website") = usite
		rs("content") = content
		rs("pubtime") = Now()
	rs.update
	rs.close
	set rs = nothing
	response.write("Success:Thank you to me message!")
End If
If act = "create" Then
	rss = rss & "<?xml version=""1.0"" encoding=""utf-8""?>" & vbcrlf
	rss = rss & "<rss version=""2.0"">" & vbcrlf
	rss = rss & "<channel>" & vbcrlf
	rss = rss & "<title><![CDATA["&EnSiteName&"]]></title>" & vbcrlf
	rss = rss & "<link>http://"&Domain&"/</link>" & vbcrlf
	rss = rss & "<description><![CDATA["&EnDescription&"]]></description>" & vbcrlf
	rss = rss & "<language>zh-cn</language>" & vbcrlf
	rss = rss & "<copyright><![CDATA[&copy 2008 "&Domain&" all rights reserved]]></copyright>" & vbcrlf
	rss = rss & "<webmaster><![CDATA[Poor(QQ:973927 E-MAIL:poor@asia.com)]]></webmaster>" & vbcrlf
	rss = rss & "<generator>EC-XML 1.0</generator>" & vbcrlf
	rss = rss & "<image>" & vbcrlf
	rss = rss & "<title>"&EnSiteName&"</title>" & vbcrlf
	rss = rss & "<url>http://"&Domain&"/images/logo.gif</url>" & vbcrlf
	rss = rss & "<link>http://"&Domain&"/</link>" & vbcrlf
	rss = rss & "<description>"&EnDescription&"</description>" & vbcrlf
	rss = rss & "</image>" & vbcrlf
	set rs = server.CreateObject("adodb.recordset")
	sql = "select top 30 * from notes order by id desc"
	rs.open sql,conn,1,1
	do while not rs.eof
		ID = rs("ID")
		Title = rs("Title")
		PubTime = rs("PubTime")
		Content = rs("Content")
			rss = rss & "<item>" & vbcrlf
			rss = rss & "<link>http://"&Domain&"/notes/?/"&ID&"</link>" & vbcrlf
			rss = rss & "<title><![CDATA[" &Title& "]]></title>"& vbcrlf
			rss = rss & "<category><![CDATA[""notes""]]></category>" & vbcrlf
			rss = rss & "<pubDate>" &PubTime& "</pubDate>"& vbcrlf
			rss = rss & "<guid>http://"&Domain&"/notes/?/"&ID&"</guid>"& vbcrlf
			rss = rss & "<description><![CDATA[" &Content& "]]></description>" & vbcrlf
			rss = rss & "</item>" & vbcrlf
		rs.movenext
		loop
	rs.close
	set rs = Nothing
	rss = rss & "</channel>" & vbcrlf
	rss = rss & "</rss>" & vbcrlf
	call Write2File(server.Mappath("/rss.xml"),rss,"utf-8")
	response.Write("create success!")
End If
'comment
If act = "comment" Then
	c_uname = request("c_uname")
	c_uemail = request("c_uemail")
	c_usite = request("c_usite")
	c_content = request("c_content")

	if c_uname = "" or c_uemail = "" then
		response.write("Error:Please enter your name and your email!")
		response.end
	end If
	If IsValidEmail(c_uemail) = False Then
		response.write("Error:Your email is wrong!")
		response.end
	End If
	c_uname = htmldecode(c_uname)
	c_uemail = htmldecode(c_uemail)
	c_usite = htmldecode(c_usite)
	c_content = CheckStr(htmldecode(c_content))
	pubtime = Now()
	set rs = server.createObject("adodb.recordset")
	sql = "select * from comment"
	rs.open sql,conn,1,3
	rs.addnew
		rs("username") = c_uname
		rs("email") = c_uemail
		rs("website") = c_usite
		rs("content") = c_content
		rs("noteid") = ID
		rs("pubtime") = pubtime
	rs.update
	rs.close
	set rs = Nothing
	c_uemail = MD5(c_uemail,32)
	c_date = EnNumDate(pubtime)
	response.write(c_uemail&"|Success:Thank you!"&"|"&c_date)
End If
Call CloseData
%>